Here you will find all the articles with the tag: log4shell.
The Spring4Shell vulnerability is being abused in large numbers. European companies appear to be favoured among attackers. In the first four days following Spring4Shell's discovery, one in six of those affected had been targeted by hackers. This is concluded by Check Point in a recent report. T... Read more
10 months ago
The zero day vulnerability allows remote code execution. A new zero-day vulnerability in the Spring Core Java framework called 'Spring4Shell' has been publicly disclosed, according to a report in Bleeping Computer. The vulnerability allows unauthenticated remote code execution on applications. ... Read more
10 months ago
A third of all Log4j instances remains unpatched more than four months after the discovery of a highly critical vulnerability. Qualys research shows that about 30 percent of all applications, servers and systems running Log4j are still prone to Log4Shell, the infamous vulnerability. Remote hacke... Read more
10 months ago
A Log4j investigation led Microsoft to a new vulnerability related to the infamous SolarWinds attack of 2020. Microsoft states that the search for various Log4j vulnerabilities yielded a welcome byproduct. During a recent investigation, researchers stumbled upon a previously unknown vulnerabilit... Read more
1 year ago
The UK's National Health Service (NHS) has issued a warning stating that hackers are actively exploiting Log4j vulnerabilities in unpatched VMware Horizon servers. Log4j vulnerabilities are everything but a concern of the past. The problem continues to claim victims. The UK NHS recently issued a... Read more
1 year ago
Security organization JFrog has found a vulnerability in H2. The problem is similar to Log4Shell, the infamous threat in Log4j. H2 consoles on servers accessible from the outside can be abused for remote code execution (RCE). Multiple lines of code in H2 send urls to a 'javax.naming.Context.look... Read more
1 year ago
The emergency patch for the infamous vulnerability in Java library Log4j is not foolproof. Its developer, Apache Software Foundation, publishes a new version (2.16) in hopes of eliminating the vulnerability once and for all. A severe vulnerability in an extremely popular Java library puts the gl... Read more
1 year ago
The severity of the vulnerability in Log4j is anything but theoretical. Cybercriminals are scanning ports worldwide to find entry points for abuse. Security researchers observed hundreds of thousands of attacks. In the past few days, Check Point Research recognized 470,000 network scan attempts.... Read more
1 year ago
A critical vulnerability in a widely used open-source library for Java puts the global IT landscape on alert. The likelihood that your environment is affected has rarely been more significant. Solving starts with understanding. As such, we explore the problem with the Log4j vulnerability known as L... Read more
1 year ago
